Airflow
STDIOMCP server for controlling Airflow via APIs with read/write capabilities
MCP server for controlling Airflow via APIs with read/write capabilities
This MCP server is certified by MCPHub. This certification ensures that airflow-mcp-server follows best practices for Model Context Protocol implementation.
A Model Context Protocol server for controlling Airflow via Airflow APIs.
https://github.com/user-attachments/assets/f3e60fff-8680-4dd9-b08e-fa7db655a705
{ "mcpServers": { "airflow-mcp-server": { "command": "uvx", "args": [ "airflow-mcp-server", "--base-url", "http://localhost:8080", "--auth-token", "<jwt_token>" ] } } }
Install the plugin alongside the server to mount an MCP endpoint directly in the Airflow webserver:
pip install "airflow-mcp-server[airflow-plugin]"
http(s)://<airflow-host>/mcpAuthorization: Bearer <access-token>?mode=unsafe to enable write operations{ "mcpServers": { "airflow-mcp-server-http": { "command": "uvx", "args": [ "airflow-mcp-server", "--http", "--port", "3000", "--base-url", "http://localhost:8080", "--auth-token", "<jwt_token>" ] } } }
Note:
- Set
base_urlto the root Airflow URL (e.g.,http://localhost:8080).- Do not include
/api/v2in the base URL. The server will automatically fetch the OpenAPI spec from${base_url}/openapi.json.- Only JWT token is required for authentication. Cookie and basic auth are no longer supported in Airflow 3.0.
The server supports multiple transport protocols:
Standard input/output transport for direct process communication:
airflow-mcp-server --safe --base-url http://localhost:8080 --auth-token <jwt>
Uses Streamable HTTP for better scalability and web compatibility:
airflow-mcp-server --safe --http --port 3000 --base-url http://localhost:8080 --auth-token <jwt>
Note: SSE transport is deprecated. Use
--httpfor new deployments as it provides better bidirectional communication and is the recommended approach by FastMCP.
The server supports two operation modes:
--safe): Only allows read-only operations (GET requests). This is useful when you want to prevent any modifications to your Airflow instance.--unsafe): Allows all operations including modifications. This is the default mode.To start in safe mode:
airflow-mcp-server --safe
To explicitly start in unsafe mode (though this is default):
airflow-mcp-server --unsafe
The server supports two tool discovery approaches:
--static-tools): All tools available immediately. Better for programmatic access but can be overwhelming.To use static tools:
airflow-mcp-server --static-tools
Usage: airflow-mcp-server [OPTIONS] MCP server for Airflow Options: -v, --verbose Increase verbosity -s, --safe Use only read-only tools -u, --unsafe Use all tools (default) --static-tools Use static tools instead of hierarchical discovery --base-url TEXT Airflow API base URL --auth-token TEXT Authentication token (JWT) --http Use HTTP (Streamable HTTP) transport instead of stdio --sse Use Server-Sent Events transport (deprecated, use --http instead) --port INTEGER Port to run HTTP/SSE server on (default: 3000) --host TEXT Host to bind HTTP/SSE server to (default: localhost) --help Show this message and exit.
Authentication
AUTH_TOKEN.Page Limit
The default is 100 items, but you can change it using maximum_page_limit option in [api] section in the airflow.cfg file.
Transport Selection